
Publication


Featured research published by Mark Strembeck.


Symposium on Access Control Models and Technologies | 2002

A scenario-driven role engineering process for functional RBAC roles

Gustaf Neumann; Mark Strembeck

In this paper we present a novel scenario-driven role engineering process for RBAC roles. The scenario concept is of central significance for the presented approach. Due to the strong human factor in role engineering, scenarios are a good means to drive the process. We use scenarios to derive permissions and to define tasks. Our approach considers changeability issues and enables the straightforward incorporation of changes into affected models. Finally we discuss the experiences we gained by applying the scenario-driven role engineering process in three case studies.


ACM Transactions on Information and System Security | 2004

An integrated approach to engineer and enforce context constraints in RBAC environments

Mark Strembeck; Gustaf Neumann

We present an approach that uses special purpose role-based access control (RBAC) constraints to base certain access control decisions on context information. In our approach a context constraint is defined as a dynamic RBAC constraint that checks the actual values of one or more contextual attributes for predefined conditions. If these conditions are satisfied, the corresponding access request can be permitted. Accordingly, a conditional permission is an RBAC permission that is constrained by one or more context constraints. We present an engineering process for context constraints that is based on goal-oriented requirements engineering techniques, and describe how we extended the design and implementation of an existing RBAC service to enable the enforcement of context constraints. With our approach we aim to preserve the advantages of RBAC and offer an additional means for the definition and enforcement of fine-grained context-dependent access control policies.


Symposium on Access Control Models and Technologies | 2003

An approach to engineer and enforce context constraints in an RBAC environment

Gustaf Neumann; Mark Strembeck

This paper presents an approach that uses special purpose RBAC constraints to base certain access control decisions on context information. In our approach a context constraint is defined as a dynamic RBAC constraint that checks the actual values of one or more contextual attributes for predefined conditions. If these conditions are satisfied, the corresponding access request can be permitted. Accordingly, a conditional permission is an RBAC permission which is constrained by one or more context constraints. We present an engineering process for context constraints, that is based on goal-oriented requirements engineering techniques, and describe how we extended the design and implementation of an existing RBAC service to enable the enforcement of context constraints. With our approach we aim to preserve the advantages of RBAC, and offer an additional means for the definition and enforcement of fine-grained context-dependent access control policies.


Decision Support Systems | 2012

Factors of process model comprehension - Findings from a series of experiments

Jan Mendling; Mark Strembeck; Jan Recker

In order to make good decisions about the design of information systems, an essential skill is to understand process models of the business domain the system is intended to support. Yet, little knowledge to date has been established about the factors that affect how model users comprehend the content of process models. In this study, we use theories of semiotics and cognitive load to theorize how model and personal factors influence how model viewers comprehend the syntactical information of process models. We then report on a four-part series of experiments, in which we examined these factors. Our results show that additional semantical information impedes syntax comprehension, and that theoretical knowledge eases syntax comprehension. Modeling experience further contributes positively to comprehension efficiency, measured as the ratio of correct answers to the time taken to provide answers. We discuss implications for practice and research.


Business Information Systems | 2008

Influence Factors of Understanding Business Process Models

Jan Mendling; Mark Strembeck

The increasing utilization of business process models both in business analysis and information systems development raises several issues regarding quality measures. In this context, this paper discusses understandability as a particular quality aspect and its connection with personal, model, and content related factors. We use an online survey to explore the ability of the model reader to draw correct conclusions from a set of process models. For the first group of the participants we used models with abstract activity labels (e.g. A, B, C) while the second group received the same models with illustrative labels such as “check credit limit”. The results suggest that all three categories indeed have an impact on the understandability.


Information & Software Technology | 2011

Modeling process-related RBAC models with extended UML activity models

Mark Strembeck; Jan Mendling

Context: Business processes are an important source for the engineering of customized software systems and are constantly gaining attention in the area of software engineering as well as in the area of information and system security. While the need to integrate processes and role-based access control (RBAC) models has been repeatedly identified in research and practice, standard process modeling languages do not provide corresponding language elements.

Objective: In this paper, we are concerned with the definition of an integrated approach for modeling processes and process-related RBAC models - including roles, role hierarchies, statically and dynamically mutual exclusive tasks, as well as binding of duty constraints on tasks.

Method: We specify a formal metamodel for process-related RBAC models. Based on this formal model, we define a domain-specific extension for a standard modeling language.

Results: Our formal metamodel is generic and can be used to extend arbitrary process modeling languages. To demonstrate our approach, we present a corresponding extension for UML2 activity models. The name of our extension is Business Activities. Moreover, we implemented a library and runtime engine that can manage Business Activity runtime models and enforce the different policies and constraints in a software system.

Conclusion: The definition of process-related RBAC models at the modeling-level is an important prerequisite for the thorough implementation and enforcement of corresponding policies and constraints in a software system. We identified the need for modeling support of process-related RBAC models from our experience in real-world role engineering projects and case studies. The Business Activities approach presented in this paper is successfully applied in role engineering projects.


Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises | 2004

An approach to extract RBAC models from BPEL4WS processes

Jan Mendling; Mark Strembeck; Gerald Stermsek; Gustaf Neumann

The Business Process Execution Language for Web services (BPEL) has become the de facto standard for Web service composition. Yet, it does not address security aspects. This paper is concerned with access control for BPEL-based processes. We present an approach to integrate role-based access control (RBAC) and BPEL on the meta-model level. Moreover, we show that such integration can be used to automate steps of the role engineering process. In particular, we extract RBAC models from BPEL processes and present an XSLT converter that transforms BPEL code to the XML import format of the xoRBAC software component.


IEEE Symposium on Security and Privacy | 2010

Scenario-Driven Role Engineering

Mark Strembeck

Access control deals with eliciting, specifying, enforcing, and maintaining access control policies in software-based systems. Recently, role-based access control (RBAC), together with various extensions, has developed into a de facto standard for access control. Scenario-driven role engineering is a systematic approach for defining customized RBAC models, including roles, permissions, constraints, and role hierarchies. Since its first publication in 2002, the author gained considerable experience with scenario-driven role engineering, and several consulting firms and international projects have adopted the approach. Based on these experiences, the author enhanced the approach and now has a much deeper understanding of the relations between different role-engineering artifacts, the need for process tailoring, and the use of preexisting documents in role-engineering activities.


Computer and Communications Security | 2001

Design and implementation of a flexible RBAC-service in an object-oriented scripting language

Gustaf Neumann; Mark Strembeck

In this paper we present the design and implementation of the xorbac component that provides a flexible RBAC service. The xorbac implementation conforms to level 4a of the unified NIST model for RBAC and can be reused for arbitrary applications on Unix or Windows with a C or Tcl linkage. xorbac runtime elements can be serialized and recreated from RDF data models conforming to a well-defined RDF schema. Furthermore we present our experiences with xorbac for the deployment within the HTTP environment for a web-based mobile code system.


Digital Rights Management | 2003

Experiences with the enforcement of access rights extracted from ODRL-based digital contracts

Susanne Guth; Gustaf Neumann; Mark Strembeck

In this paper, we present our experiences concerning the enforcement of access rights extracted from ODRL-based digital contracts. We introduce the generalized Contract Schema (CoSa) which is an approach to provide a generic representation of contract information on top of rights expression languages. We give an overview of the design and implementation of the xoRELInterpreter software component. In particular, the xoRELInterpreter interprets digital contracts that are based on rights expression languages (e.g. ODRL or XrML) and builds a runtime CoSa object model. We describe how the xorbac access control component and the xoRELInterpreter component are used to enforce access rights that we extract from ODRL-based digital contracts. Thus, our approach describes how ODRL-based contracts can be used as a means to disseminate certain types of access control information in distributed systems.

Collaboration


Top Co-Authors

Stefan Sobernig
Vienna University of Economics and Business

Gustaf Neumann
Vienna University of Economics and Business

Jan Mendling
Vienna University of Economics and Business

Sigrid Schefer-Wenzl
Vienna University of Economics and Business

Uwe Zdun
University of Vienna

Bernhard Hoisl
Vienna University of Economics and Business

Ema Kusen
Vienna University of Economics and Business

Anne Baumgrass
Vienna University of Economics and Business

Kathrin Figl
Vienna University of Economics and Business